by barto0o 27 Mar 2009, 11:09
The computer takes a long time to start up and often drops the connection to the Wi-Fi router, as if it weren't reading the settings from the router.
Code:
ComboFix 09-03-26.03 - Administrator 2009-03-27 9:58:19.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1045.18.383.147 [GMT 1:00]
Uruchomiony z: c:\documents and settings\Administrator\Pulpit\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated)
* Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Dane aplikacji\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\LocalService\Dane aplikacji\wsnpoem
c:\documents and settings\LocalService\Dane aplikacji\wsnpoem\audio.dll
c:\windows\system32\ntos.exe
c:\windows\system32\wsnpoem
c:\windows\system32\wsnpoem\audio.dll
c:\windows\system32\wsnpoem\video.dll
----- BITS: Możliwe zainfekowane strony -----
hxxp://funkypornovideo.net
.
((((((((((((((((((((((((( Pliki utworzone od 2009-02-27 do 2009-03-27 )))))))))))))))))))))))))))))))
.
2009-03-22 13:09 . 2009-03-22 13:09 <DIR> d-------- c:\windows\system32\LogFiles
2009-03-20 20:28 . 2009-03-20 20:28 <DIR> d-------- c:\program files\Avira
2009-03-20 20:28 . 2009-03-20 20:28 <DIR> d-------- c:\documents and settings\All Users\Dane aplikacji\Avira
2009-03-20 20:28 . 2009-02-13 11:31 55,640 --a------ c:\windows\system32\drivers\avgntflt.sys
2009-03-20 20:07 . 2009-03-20 20:07 2,877 --a------ c:\windows\is169084.exe
2009-03-18 21:30 . 2009-03-20 20:31 <DIR> d-------- c:\program files\AVG
2009-03-18 19:23 . 2009-03-18 19:23 <DIR> d-------- c:\program files\PITy
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-27 08:43 --------- d-----w c:\documents and settings\Administrator\Dane aplikacji\HPAppData
2009-03-24 18:20 --------- d-----w c:\documents and settings\Administrator\Dane aplikacji\Skype
2009-03-24 16:31 --------- d-----w c:\documents and settings\Administrator\Dane aplikacji\skypePM
2009-02-24 18:13 --------- d-----w c:\program files\HP
2009-02-24 18:08 --------- d-----w c:\program files\Hewlett-Packard
2009-02-24 18:08 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\HP Product Assistant
2009-02-24 18:08 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\HP
2009-02-24 18:07 --------- d-----w c:\program files\Common Files\HP
2009-02-24 16:52 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\WEBREG
2009-02-24 16:51 --------- d-----w c:\documents and settings\Administrator\Dane aplikacji\HP
2009-02-24 16:39 --------- d-----w c:\program files\Common Files\Hewlett-Packard
2009-02-24 16:30 --------- d-----w c:\documents and settings\All Users\Dane aplikacji\Hewlett-Packard
2009-02-15 15:43 --------- d-----w c:\program files\Picasa2
2009-02-15 15:28 --------- d-----w c:\program files\Google
2009-02-15 15:26 --------- d-----w c:\program files\Pity 2008
2009-02-07 18:38 --------- d-----w c:\program files\NAPI-PROJEKT
2008-10-07 15:44 32 ----a-w c:\documents and settings\All Users\Dane aplikacji\ezsid.dat
2008-12-19 18:45 67,688 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-12-19 18:45 54,368 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-19 18:45 34,944 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2008-12-19 18:45 46,712 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2008-12-19 18:45 172,136 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((( snapshot_2008-12-10_18.56.39,57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-24 18:14:22 169,308 ----a-w c:\windows\hpoins28.dat
+ 2009-02-24 18:12:02 65,536 ----a-r c:\windows\Installer\{11B83AD3-7A46-4C2E-A568-9505981D4C6F}\ARPPRODUCTICON.exe
+ 2009-02-24 18:12:02 689,456 ----a-r c:\windows\Installer\{11B83AD3-7A46-4C2E-A568-9505981D4C6F}\HPSUShortcut_BB85ED9CAFC943BDB8DC258C3C7DF72E.exe
+ 2009-02-24 18:12:32 25,214 ----a-r c:\windows\Installer\{34BFB099-07B2-4E95-A673-7362D60866A2}\ARPPRODUCTICON.exe
+ 2009-02-24 18:10:35 65,536 ----a-r c:\windows\Installer\{5ACE69F0-A3E8-44eb-88C1-0A841E700180}\NewShortcut1.A6CC6977_F7B4_4C0B_9510_BCD847D4BDB2.exe
+ 2009-02-24 16:42:02 25,214 ----a-r c:\windows\Installer\{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}\NewShortcut1.E6275AC6_5F4F_4F0B_987B_C7E51AB63AA0.exe
+ 2009-02-24 16:42:02 25,214 ----a-r c:\windows\Installer\{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}\NewShortcut11.E6275AC6_5F4F_4F0B_987B_C7E51AB63AA0.exe
+ 2009-02-24 18:12:42 25,214 ----a-r c:\windows\Installer\{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}\ARPPRODUCTICON.exe
+ 2009-02-24 18:12:42 25,214 ----a-r c:\windows\Installer\{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}\NewShortcut1_8CEA85DE955B4BF487F20BAA62821633.exe
+ 2009-02-24 18:12:42 25,214 ----a-r c:\windows\Installer\{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}\NewShortcut2_8CEA85DE955B4BF487F20BAA62821633.exe
- 2000-08-31 07:00:00 28,672 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 07:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
+ 2007-08-22 15:34:26 287,256 ----a-r c:\windows\system32\AbaleZip.dll
+ 2003-03-18 18:05:50 89,088 ----a-w c:\windows\system32\atl71.dll
+ 2009-03-27 08:16:05 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-03-27 08:16:05 16,384 ----a-w c:\windows\system32\config\systemprofile\Ustawienia lokalne\Historia\History.IE5\index.dat
+ 2009-03-27 08:16:05 32,768 ----a-w c:\windows\system32\config\systemprofile\Ustawienia lokalne\Temporary Internet Files\Content.IE5\index.dat
+ 2007-10-30 09:25:52 309,760 ----a-r c:\windows\system32\difxapi.dll
+ 2004-08-03 22:08:48 31,616 -c--a-w c:\windows\system32\dllcache\usbccgp.sys
+ 2004-08-03 21:58:46 15,104 -c--a-w c:\windows\system32\dllcache\usbscan.sys
+ 2009-02-13 10:17:49 45,416 ----a-w c:\windows\system32\drivers\avgntdd.sys
+ 2009-02-13 10:29:11 22,360 ----a-w c:\windows\system32\drivers\avgntmgr.sys
+ 2009-02-13 13:22:54 95,576 ----a-w c:\windows\system32\drivers\avipbb.sys
+ 2006-10-05 02:42:42 2,432 ------w c:\windows\system32\drivers\cdr4_xp.sys
+ 2006-10-05 02:42:42 2,560 ------w c:\windows\system32\drivers\cdralw2k.sys
+ 2007-10-30 09:25:53 49,920 ----a-r c:\windows\system32\drivers\HPZid412.sys
+ 2007-10-30 09:25:54 16,496 ----a-r c:\windows\system32\drivers\HPZipr12.sys
+ 2007-10-30 09:25:55 21,568 ----a-r c:\windows\system32\drivers\HPZius12.sys
+ 2006-09-27 21:53:22 36,560 ------w c:\windows\system32\drivers\pxhelp20.sys
+ 2009-02-13 10:50:02 28,376 ----a-w c:\windows\system32\drivers\ssmdrv.sys
+ 2004-08-03 22:08:48 31,616 ----a-w c:\windows\system32\drivers\usbccgp.sys
+ 2004-08-03 21:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
+ 2007-11-08 14:56:22 271,704 -c--a-r c:\windows\system32\DRVSTORE\hpf4200a_E7EAA61E164BFBDDC91BBD6CE28A51D38C4562F7\hpzids01.dll
+ 2007-10-30 09:25:52 309,760 -c--a-r c:\windows\system32\DRVSTORE\hpof4200_s_512EC285D237602EBFD04DE1FE5F9769470B7E5F\drivers\dot4\Win2000\difxapi.dll
+ 2007-10-30 09:25:52 372,736 -c--a-r c:\windows\system32\DRVSTORE\hpof4200_s_512EC285D237602EBFD04DE1FE5F9769470B7E5F\drivers\dot4\Win2000\hppldcoi.dll
+ 2007-10-21 16:45:47 581,632 -c--a-r c:\windows\system32\DRVSTORE\hpof4200_s_512EC285D237602EBFD04DE1FE5F9769470B7E5F\drivers\scanner\x32\hpotscl6.dll
+ 2007-10-21 16:45:38 229,376 -c--a-r c:\windows\system32\DRVSTORE\hpof4200_s_512EC285D237602EBFD04DE1FE5F9769470B7E5F\drivers\scanner\x32\hpotsti1.dll
+ 2007-10-21 16:45:47 303,104 -c--a-r c:\windows\system32\DRVSTORE\hpof4200_s_512EC285D237602EBFD04DE1FE5F9769470B7E5F\drivers\scanner\x32\hpovst15.dll
+ 2007-10-21 16:45:48 729,088 -c--a-r c:\windows\system32\DRVSTORE\hpof4200_s_512EC285D237602EBFD04DE1FE5F9769470B7E5F\drivers\scanner\x32\hpowiax7.dll
+ 2007-10-30 09:25:53 49,920 -c--a-r c:\windows\system32\DRVSTORE\hpzid413_F2DA46DE686A3E981420574C9735FC7A1D1CEC02\drivers\dot4\Win2000\HPZid412.sys
+ 2007-10-30 09:25:52 309,760 -c--a-r c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\drivers\dot4\Win2000\difxapi.dll
+ 2007-10-30 09:25:52 372,736 -c--a-r c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\drivers\dot4\Win2000\hppldcoi.dll
+ 2007-10-30 09:25:53 49,920 -c--a-r c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\drivers\dot4\Win2000\HPZid412.sys
+ 2007-10-30 09:25:54 16,496 -c--a-r c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\drivers\dot4\Win2000\HPzipr12.sys
+ 2007-10-30 09:25:55 21,568 -c--a-r c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\drivers\dot4\Win2000\HPZius12.sys
+ 2007-10-30 09:25:47 282,624 -c--a-r c:\windows\system32\DRVSTORE\hpzipa13_A7DBD9D5978C82F6DF51BD5B2874D5189981C606\HPZc3212.dll
+ 2007-10-30 09:25:54 16,496 -c--a-r c:\windows\system32\DRVSTORE\hpzipr13_2BA7123A2B001C782F00BD878EE3E5AB9802BA28\drivers\dot4\Win2000\HPZipr12.sys
+ 2007-10-30 09:25:52 309,760 -c--a-r c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\Win2000\difxapi.dll
+ 2007-10-30 09:25:52 372,736 -c--a-r c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\Win2000\hppldcoi.dll
+ 2007-10-30 09:25:53 49,920 -c--a-r c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\Win2000\hpzid412.sys
+ 2007-10-30 09:25:54 16,496 -c--a-r c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\Win2000\hpzipr12.sys
+ 2007-10-30 09:25:55 21,568 -c--a-r c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\Win2000\HPZius12.sys
+ 2007-10-30 09:25:55 16,800 -c--a-r c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\drivers\dot4\WinxP\Hppaufd0.sys
+ 2007-10-30 09:25:47 282,624 -c--a-r c:\windows\system32\DRVSTORE\hpzius13_7EB5A3C53FCA2E1B45FC55214BA62EA11FFB20F5\HPZc3212.dll
+ 2007-11-02 09:58:50 1,645,320 ----a-w c:\windows\system32\gdiplus.dll
+ 2007-10-21 16:45:47 581,632 ----a-r c:\windows\system32\hpotscl6.dll
+ 2007-10-21 16:45:47 303,104 ----a-r c:\windows\system32\hpovst15.dll
+ 2007-10-21 16:45:48 729,088 ----a-r c:\windows\system32\hpowiax7.dll
+ 2007-10-30 09:25:52 372,736 ----a-r c:\windows\system32\hppldcoi.dll
+ 2007-10-20 17:25:34 118,272 ----a-w c:\windows\system32\hpz3l5mu.dll
+ 2006-11-08 15:35:38 49,152 ----a-w c:\windows\system32\HPZidr12.dll
+ 2007-11-08 14:56:22 271,704 ----a-r c:\windows\system32\hpzids01.dll
+ 2006-11-08 15:35:36 43,520 ----a-w c:\windows\system32\HPZinw12.dll
+ 2006-11-08 15:35:38 53,248 ----a-w c:\windows\system32\HPZipm12.dll
+ 2006-11-08 15:35:40 33,280 ----a-w c:\windows\system32\HPZipr12.dll
+ 2006-11-08 15:35:40 29,696 ----a-w c:\windows\system32\hpzipt12.dll
+ 2006-11-08 15:35:40 20,480 ----a-w c:\windows\system32\hpzisn12.dll
+ 2007-10-19 19:37:06 190,072 ----a-w c:\windows\system32\Macromed\Flash\FlashUtil9b.exe
- 2008-11-01 23:33:56 40,326 ----a-w c:\windows\system32\perfc009.dat
+ 2008-12-14 21:08:15 40,326 ----a-w c:\windows\system32\perfc009.dat
- 2008-11-01 23:33:56 49,910 ----a-w c:\windows\system32\perfc015.dat
+ 2008-12-14 21:08:15 49,910 ----a-w c:\windows\system32\perfc015.dat
- 2008-11-01 23:33:56 311,938 ----a-w c:\windows\system32\perfh009.dat
+ 2008-12-14 21:08:15 311,938 ----a-w c:\windows\system32\perfh009.dat
- 2008-11-01 23:33:56 356,068 ----a-w c:\windows\system32\perfh015.dat
+ 2008-12-14 21:08:15 356,068 ----a-w c:\windows\system32\perfh015.dat
+ 2006-09-27 21:53:22 514,808 ------w c:\windows\system32\px.dll
+ 2006-09-27 21:53:22 477,944 ------w c:\windows\system32\pxdrv.dll
+ 2006-09-27 21:53:22 68,344 ------w c:\windows\system32\pxhpinst.exe
+ 2006-09-27 21:53:22 183,032 ------w c:\windows\system32\pxmas.dll
+ 2006-09-27 21:53:23 379,640 ------w c:\windows\system32\pxwave.dll
+ 2007-09-14 12:52:06 3,019,264 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpbcfgre.dll
+ 2006-11-30 10:14:06 671,816 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpcdmc32.dll
+ 2007-06-29 10:55:44 326,144 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpfie5mu.dll
+ 2007-08-10 09:06:48 356,352 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpfig5mu.dll
+ 2007-06-29 10:56:06 113,664 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpfrs5mu.dll
+ 2007-07-31 12:52:28 57,344 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpuac5mu.dll
+ 2007-10-20 17:14:14 977,920 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpz3c5mu.dll
+ 2007-10-20 17:25:08 1,789,440 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpz3r5mu.dll
+ 2007-10-20 17:25:42 235,008 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzc35mu.dll
+ 2007-10-20 17:22:40 790,528 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzev5mu.dll
+ 2007-10-19 18:00:40 929,792 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzmcp01.exe
+ 2007-10-20 17:22:54 302,592 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzpr5mu.dll
+ 2007-10-20 17:33:22 6,312,448 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzst5mu.dll
+ 2007-10-20 17:22:28 3,354,112 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzui5mu.dll
+ 2007-10-20 17:13:08 1,176,576 ----a-w c:\windows\system32\spool\drivers\w32x86\3\hpzur5mu.dll
- 2004-08-03 22:44:14 264,704 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIDRV.DLL
+ 2007-03-09 09:03:52 372,736 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIDRV.DLL
- 2004-08-03 22:44:14 198,144 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
+ 2007-03-09 09:03:54 740,864 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
- 2004-08-03 22:43:36 620,032 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2007-03-09 09:03:58 761,344 ----a-w c:\windows\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2007-09-14 12:52:06 3,019,264 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpbcfgre.dll
+ 2006-11-30 10:14:06 671,816 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpcdmc32.dll
+ 2007-06-29 10:55:44 326,144 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpfie5mu.dll
+ 2007-08-10 09:06:48 356,352 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpfig5mu.dll
+ 2007-06-29 10:56:06 113,664 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpfrs5mu.dll
+ 2007-07-31 12:52:28 57,344 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpuac5mu.dll
+ 2007-10-20 17:14:14 977,920 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpz3c5mu.dll
+ 2007-10-20 17:25:08 1,789,440 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpz3r5mu.dll
+ 2007-10-20 17:25:42 235,008 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpzc35mu.dll
+ 2007-10-20 17:22:40 790,528 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpzev5mu.dll
+ 2007-10-19 18:00:40 929,792 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpzmcp01.exe
+ 2007-10-20 17:22:54 302,592 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpzpr5mu.dll
+ 2007-10-20 17:33:22 6,312,448 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpzst5mu.dll
+ 2007-10-20 17:22:28 3,354,112 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpzui5mu.dll
+ 2007-10-20 17:13:08 1,176,576 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\hpzur5mu.dll
+ 2007-03-09 09:03:52 372,736 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\UNIDRV.DLL
+ 2007-03-09 09:03:54 740,864 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\UNIDRVUI.DLL
+ 2007-03-09 09:03:58 761,344 ----a-w c:\windows\system32\spool\drivers\w32x86\hpdeskjet_f4200_seri4fdb\UNIRES.DLL
+ 2007-10-20 17:21:50 278,016 ----a-w c:\windows\system32\spool\prtprocs\w32x86\hpzpp5mu.dll
+ 2006-09-27 21:53:23 39,672 ------w c:\windows\system32\vxblock.dll
+ 2007-10-31 14:45:34 12,288 ----a-r c:\windows\Twunk_16.dll
+ 2007-10-31 14:45:34 12,288 ----a-r c:\windows\Twunk_32.dll
+ 2009-02-24 18:08:22 1,230,336 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
+ 2007-09-12 10:23:20 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_6e85597b\ATL80.dll
+ 2007-05-08 13:19:08 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcm80.dll
+ 2007-05-08 13:19:08 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcp80.dll
+ 2007-05-08 13:19:08 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcr80.dll
+ 2007-05-08 13:19:10 1,093,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfc80.dll
+ 2007-05-08 13:19:10 1,079,808 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfc80u.dll
+ 2007-05-08 13:19:10 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfcm80.dll
+ 2007-05-08 13:19:10 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfcm80u.dll
+ 2007-10-19 19:46:08 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80CHS.dll
+ 2007-10-19 19:46:08 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80CHT.dll
+ 2007-10-19 19:46:08 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80DEU.dll
+ 2007-10-19 19:46:08 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ENU.dll
+ 2007-10-19 19:46:08 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ESP.dll
+ 2007-10-19 19:46:08 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80FRA.dll
+ 2007-10-19 19:46:08 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80ITA.dll
+ 2007-10-19 19:46:08 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80JPN.dll
+ 2007-10-19 19:46:08 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_341af80a\mfc80KOR.dll
+ 2008-07-29 07:05:06 161,784 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2008-07-29 02:54:08 225,280 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 07:05:08 572,928 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 07:05:08 655,872 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 07:05:08 3,768,312 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2008-07-29 07:05:10 3,783,672 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 05:07:42 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2008-07-29 05:07:42 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 07:05:06 38,912 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 07:05:06 39,936 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 07:05:08 66,560 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 07:05:08 56,832 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 07:05:06 65,024 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 07:05:08 65,024 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 07:05:06 66,048 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 07:05:08 64,512 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 07:05:08 46,592 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 07:05:08 46,080 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 07:05:08 62,976 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2007-11-07 01:19:20 54,272 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
.
-- Migawka wyzerowana --
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-02-23 106496]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-10-21 761945]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 c:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
c:\documents and settings\All Users\Menu Start\Programy\Autostart\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 21:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2006-04-13 10:09 49152 c:\program files\CyberLink\PowerDVD\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2005-12-07 21:57 30208 c:\program files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
--a------ 2006-05-16 17:04 2879488 c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"RichVideo"=2 (0x2)
"ose"=3 (0x3)
"Nero BackItUp Scheduler 4.0"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BearShare\\BearShare.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-03-20 108289]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [2008-08-16 1056512]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [2008-08-16 8064]
S3 ASNDIS5;ASNDIS5 Protocol Driver;c:\windows\ATK0100\ASNDIS5.sys [2008-08-16 16269]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://google.bearshare.com/pl
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {A928C271-0FFC-434A-88AE-6966D4BF2C33} = 10.0.0.1,88.220.188.210
FF - ProfilePath - c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\hdyjw09l.default\
FF - prefs.js: browser.startup.homepage - www.onet.pl
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-27 10:00:26
Windows 5.1.2600 Dodatek Service Pack 2 NTFS
skanowanie ukrytych procesów ...
skanowanie ukrytych wpisów autostartu ...
skanowanie ukrytych plików ...
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------
- - - - - - - > 'winlogon.exe'(824)
c:\windows\system32\Ati2evxx.dll
.
Czas ukończenia: 2009-03-27 10:01:49
ComboFix-quarantined-files.txt 2009-03-27 09:01:47
ComboFix2.txt 2008-12-10 17:57:11
ComboFix3.txt 2008-11-15 10:47:50
Przed: 17,972,473,856 bajtów wolnych
Po: 18,502,610,944 bajtów wolnych